dhcpcd-discuss

Re: seccomp violation (unexpected syscall 55)

Roy Marples

Fri Dec 11 22:19:34 2020

On 11/12/2020 22:14, Roy Marples wrote:
Hmmmm yes.
The attached patch allows this and should clean up the new hardware address: null messages.

Let me know how it works for you.

Wrong patch :)

Scrub that and try this one please!

Roy
diff --git a/src/dhcpcd.c b/src/dhcpcd.c
index 306d1d00..4d394f2b 100644
--- a/src/dhcpcd.c
+++ b/src/dhcpcd.c
@@ -1161,8 +1161,10 @@ dhcpcd_linkoverflow(struct dhcpcd_ctx *ctx)
 
 	socklen = sizeof(rcvbuflen);
 	if (getsockopt(ctx->link_fd, SOL_SOCKET,
-	    SO_RCVBUF, &rcvbuflen, &socklen) == -1)
+	    SO_RCVBUF, &rcvbuflen, &socklen) == -1) {
+		logerr("%s: getsockopt", __func__);
 		rcvbuflen = 0;
+	}
 #ifdef __linux__
 	else
 		rcvbuflen /= 2;
@@ -1239,8 +1241,9 @@ dhcpcd_handlehwaddr(struct interface *ifp,
 	}
 
 	if (ifp->hwtype != hwtype) {
-		loginfox("%s: hardware address type changed from %d to %d",
-		    ifp->name, ifp->hwtype, hwtype);
+		if (ifp->active)
+			loginfox("%s: hardware address type changed"
+			    " from %d to %d", ifp->name, ifp->hwtype, hwtype);
 		ifp->hwtype = hwtype;
 	}
 
@@ -1248,8 +1251,12 @@ dhcpcd_handlehwaddr(struct interface *ifp,
 	    (hwlen == 0 || memcmp(ifp->hwaddr, hwaddr, hwlen) == 0))
 		return;
 
-	loginfox("%s: new hardware address: %s", ifp->name,
-	    hwaddr_ntoa(hwaddr, hwlen, buf, sizeof(buf)));
+	if (ifp->active) {
+		loginfox("%s: old hardware address: %s", ifp->name,
+		    hwaddr_ntoa(ifp->hwaddr, ifp->hwlen, buf, sizeof(buf)));
+		loginfox("%s: new hardware address: %s", ifp->name,
+		    hwaddr_ntoa(hwaddr, hwlen, buf, sizeof(buf)));
+	}
 	ifp->hwlen = hwlen;
 	if (hwaddr != NULL)
 		memcpy(ifp->hwaddr, hwaddr, hwlen);
diff --git a/src/privsep-linux.c b/src/privsep-linux.c
index 1fbe97fa..15818f33 100644
--- a/src/privsep-linux.c
+++ b/src/privsep-linux.c
@@ -252,6 +252,11 @@ static struct sock_filter ps_seccomp_filter[] = {
 #ifdef __NR_getpid
 	SECCOMP_ALLOW(__NR_getpid),
 #endif
+#ifdef __NR_getsockopt
+	/* For route socket overflow */
+	SECCOMP_ALLOW_ARG(__NR_getsockopt, 1, SOL_SOCKET),
+	SECCOMP_ALLOW_ARG(__NR_getsockopt, 2, SO_RCVBUF),
+#endif
 #ifdef __NR_ioctl
 	SECCOMP_ALLOW_ARG(__NR_ioctl, 1, SIOCGIFFLAGS),
 	SECCOMP_ALLOW_ARG(__NR_ioctl, 1, SIOCGIFHWADDR),

Follow-Ups:
Re: seccomp violation (unexpected syscall 55)Mantas Mikulėnas
References:
seccomp violation (unexpected syscall 55)Mantas Mikulėnas
Re: seccomp violation (unexpected syscall 55)Roy Marples
Archive administrator: postmaster@marples.name